API Security and Management

The industry-leading family of API management gateways from CA Technologies offers unmatched flexibility, performance and security. Building on the foundation of its industry-leading SOA application gateway technology for exposing, securing and managing backend applications, network systems or infrastructure via APIs, CA Technologies has added critical mobile, cloud and REST composition features. With this additional functionality, CA API Gateways represent the best available solution for enterprises looking to open data and services to partners, developers, mobile apps, cloud services and smart devices.

The SOA Gateway is CA Technologies top-of-the-line API Gateway. The SOA Gateway offers all the RESTful features of the API Proxy plus advanced SOA security and mediation features for backend connectivity to databases, mainframes and applications. It can act as a lightweight enterprise service bus (ESB) with API identity, security and management built in.

The SOA Gateway includes backend connectors to a diverse range of data stores, mainframes and legacy applications. It provides data translation, contextual routing, SLA management, caching, protocol switching and B2B functionality. It can also act as an API composition and virtualization endpoint for more complex orchestrations.

To support DMZ deployments, the SOA Gateway includes Web application firewalling (WAF), mobile firewalling and API DoS capabilities. Like all CA Technologies Gateways, it has pre-built integrations with a wealth of enterprise infrastructure products, including all leading commercial IAM and message-oriented middleware solutions as well the most popular business intelligence and event correlation tools.

CA Technologies offers two core technology components that cover a wide range of identity and access use cases for enterprise APIs:

OAuth Toolkit: a complete OAuth implementation that leverages the CA API Gateway technology to enable both resource servers and authorization servers, including a set of configurable policy templates covering key OAuth use cases.

Security Token Service: A SAML-based Security Token Service that leverages the API Gateway Technology to perform general token mappings, generation of custom attribute-based tokens and a range of OAuth token operations in combination with the OAuth Toolkit.

For advanced mobile use cases, CA Mobile API Gateway includes an SDK that simplifies implementation of Single Sign-On to enterprise-level apps.